Editor's Corner

Career Advice? One Word. Are You Listening? Cybersecurity

The CSO (Chief Security Officer) magazine website has an article that I could not agree with more. "Advice on what a young person should choose for a future is as old as civilization. In the United States the classic satirical take on such advice was in the 1967 movie "The Graduate", when Dustin Hoffman playing an overwhelmed teenager, is nabbed at his high school graduation party by a well-meaning adult.

"I just want to say one word to you," the adult says. "One word. Are you listening?" After pausing for dramatic effect he blurts out the secret to the kid’s future: "Plastics!" The advice might not have been completely off the mark, as plenty of plastic came out of the 1960s, 1970s, and beyond. But, on a more serious note, the one-word advice I’d give to someone starting out today—or to someone re-starting their career today—would be: "Cybersecurity!"

There is a severe shortage of cybersecurity professionals as per a report of the Center for Strategic and International Studies (CSIS): http://www.wservernews.com/go/1312535332656. CSIS sees the demand as being perhaps 30 times greater than supply. Wow. I have started studying for my CISSP, it's a very comprehensive curriculum and I'm learning quite a bit despite my 30+ years in the IT business. Here is the original article: http://www.wservernews.com/go/1312535346203

And of course the brand new news that dozens of sites have been hacked for 5+ years, and petabytes of information been siphoned out only makes the point even more clear. This week, McAfee released a paper in which they reveal what probably is the most massive computer intrusion known, perpetrated likely by China, that dates back to mid-2006 or earlier. This advanced persistent threat, or APT, resulted in the pilfering of government and military secrets and corporate intellectual property: http://www.wservernews.com/go/1312535365343

Create A Security Culture

Your company’s name and brand can take years to build and only minutes to destroy. You do not want your company name on the front page as the next one that lost a database with confidential information. Regardless of your company’s size, data security is critical. Your organization needs Policy and Procedure IN PLACE to help you reduce the risk of security breaches.

If you experience a security breach, 20 percent of your affected customer base will no longer do business with you, 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers. When it comes to cleaning up this mess, companies on average spend 1,600 work hours per incident at a cost of $40,000 to $92,000 per victim." Source: CIO Mag, The Coming Pandemic, Michael Freidenberg, May 15th, 2006.

The FTC Assistant Director stated: "We will act against businesses that fail to protect their customer data. Periodic training emphasizes the importance you place on meaningful data security practices. A well-trained workforce is the best defense against identity theft and data breaches. Create a 'culture of security' by implementing a regular schedule of employee training and if employees don’t attend, consider blocking their access to the network."

I might add that you simply could opt for a rule that puts any employee in non-compliance of training requirements on unpaid leave until they have done their training. That should get the message across! To illustrate the need for this, here is a slide show that puts some hard numbers to the headline. Corporate cybercrime costs skyrocket: http://www.wservernews.com/go/1312535465359

Security Quotes of the Week

"Distrust and caution are the parents of security." -- Benjamin Franklin

"I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image." -- Stephen Hawking

"Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford

"Amateurs hack systems, professionals hack people." -- Bruce Schneier

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here: http://www.wservernews.com/go/1307096257843

Webinars & Seminars

VIPRE Antivirus Business Product Demonstration

Looking for a security solution that doesn't slow you down? VIPRE Antivirus Business combines antivirus and anti-spyware technologies into one powerful security solution for total protection with low resource usage. New VIPRE features include scalable multisite tiering and role-based access control. Join us as we demonstrate the many features of VIPRE Antivirus Business -- Register today!

Coming to 12 cities throughout the remainder of the year, independent expert and desktop virtualization guru Brian Madden will update you on where the desktop virtualization market is in 2011, focusing on what’s real and what’s not. Spend just a few hours out of the office to take advantage of a live Q&A, peer networking opportunities and tons of valuable information.

Tech Briefing

10 Ways to Give Your System Administrators a Break

This is a fun slide show over at eWEEK: "System administrators have a difficult job. They have to keep track of what users are doing, what applications are running and what information is leaving and coming into the corporate network:http://www.wservernews.com/go/1312535832453

Windows XP Finally Falls Below 50 Percent

July 2011 may well go down in the history books as the month Windows XP finally started to succumb to the inevitable. Also worth noting: Windows usage in general continues to fall. Read More: http://www.wservernews.com/go/1312535876375

iPad Users Opening The Enterprise To Risk Via Email

"Apple gets serious about iPad security, but is it enough? As enterprise adoption rates for the iPad skyrocket, Apple has been forced to adjust its security thinking to placate its new business customers. Story at InfoWorld: http://www.wservernews.com/go/1312535931593

Spike In Mobile Malware Doubles Android Chances Of Infection

Computerworld reported this week that "an explosion in mobile malware during the last six months has more than doubled the chance that a user's Android smartphone will become infected, a security researcher said today.

"According to Lookout Security, which develops anti-malware software for Android but not for Apple's iPhone, the likelihood of an Android owner encountering malware has jumped by two-and-a-half times since January.

By June, between 1% and 5% of Android users -- the number varies by country -- had been infected by mobile malware, said Kevin Mahaffey, co-founder and CTO of San Francisco-based Lookout.

Mahaffey blamed a dramatic spike in malware targeting Android for improving hackers' odds. "In January, we saw only 80 unique pieces of Android malware, but by the end of June we tracked over 400," said Mahaffey.

Time to get and test the beta of VIPRE MOBILE. I am running it and I like it a lot. There is no noticeable performance degradation on my HTC sprint phone with VIPRE running: http://www.wservernews.com/go/1312535999390

Windows Server News

Are You Properly Protecting Your Windows Servers Against Malware?

How are you protecting your Windows servers against malware? Whether we're talking about Active Directory domain controllers, Exchange or SQL Server-based systems, file servers or even systems serving up basic VPN access or terminal services, what you’re doing may be inadequate at best. Here is a guide to help you build a malware protection plan before it's too late: http://www.wservernews.com/go/1312536056296

Tools For Managing The Data Center Components Behind VDI

VDI incorporates many different parts of the data center, but the management consoles provided with VDI software don't give IT pros a way to see or manage the cogs behind the wheel -- the servers, storage and the network. Here are some VDI monitoring tools available that give granular views into issues with back-end components: http://www.wservernews.com/go/1312536104218

Finding The Value In Server Application Virtualization

With the potential to ease application installation and mobility, products that can abstract applications from server operating systems have emerged in the server virtualization market. But right now, "potential" is the operative word. Check out this featured article for more insight: http://www.wservernews.com/go/1312536194765

Third Party News

VIPRE Server Release Announcement

GFI is very pleased to announce the release of VIPRE Enterprise, VIPRE Enterprise Premium, and CounterSpy Enterprise server/management console version 4.0.4551. This release resolves problems in management console versions 4.0.4545 and 4.0.4547 related to email notifications and an unhandled exception error that could occur.

Enhancements and Bug Fixes:

A bug was fixed that previously resulted in email alerts not being generated for deep scans.

A bug was fixed that previously resulted in email alerts not being generated for quick scans.

A bug was fixed that previously resulted in email alerts not being generated for custom (manual) scans.

A bug was fixed that could cause the management console to generate an unhandled exception error.

How to Obtain this Update:

This update can be obtained via either of the following:

Via the message-of-the-day widget in your management console by selecting the hyperlinked version number

IMPORTANT NOTE: If you are upgrading from server/console version 4.0.4360 or prior, please be advised that you will also receive agent software version 4.0.4205. To learn more, please see the July 19, 2011 release announcement via http://www.wservernews.com/go/1312536362640

From The GFI NTSysadmin List

Hi list,

I'm pleased to have something new to share that I think a lot of you will find useful; having been frustrated by the slow speed of EventCombMT and the ponderous behavior of the Event Log MMC snap-in when trying to do everyday things like diagnose account lockouts and AD object changes, I knew there had to be a better way... If you're on a Server 2008+ [*] environment and don't mind breaking out a command shell window, here is that better way: http://www.wservernews.com/go/1312536450765

As a sample use case, the command "ZeShell -e delete,after=20-july-2011" will scan all of your domain's read-write domain controllers, in parallel, for AD object deletions since July 20. Or you can give it a list of event IDs in the familiar "1,2,3,5-10" format. Just type "ZeShell -?" for details.

You'll need to be in the "Event Log Readers" group (or have Admin or DA access) for each machine you want to query. Please try it out, kick the tires, let me know what you think! I promise you will find this to be *much* faster than the built-in log viewer. We're absolutely open to ideas and suggestions too. Thanks, Steve

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

A camera mounted on Yu Muroga dashboard captured not only the March 11 earthquake, but also the moment he and other drivers were suddenly engulfed in the Tsunami. You will be pleased to know that he survived:http://www.wservernews.com/go/1312536646203

I discovered a website that is extremely useful when you urgently need to get a message out to your employees, and it HAS to get there: email, voice, text, pager, etc. Check out their (less than) 2 minute video:http://www.wservernews.com/go/1312536691781